File Ingestion for AI

A platform engineer asks:

A rollback failed after deploy pay-742. How quickly do I page the on-call?

The approved runbook says:

Rollback failure: page on-call within 15 minutes with deploy ID. Routine deploy notes: archive within 14 days.

Now the incident assistant answers, "Archive it within 14 days." Its language may be fluent, its retriever may be fast, and its evaluation dashboard may be green. The failure happened earlier: ingestion dropped the rollback-failure line and kept the routine archive line.

In Perplexity & Model Evaluation, you learned to measure model behavior honestly. Here you build the evidence layer that a retrieval system can evaluate, cite, and trust.

Evidence can fail before retrieval

A document corpus isn't clean text waiting to be embedded. It's a collection of parser decisions:

Don't chunk a parser failure into smaller parser failures. First create faithful, traceable records. Chunk them in the next lesson.

Define the record contract first

Every adapter should return the same minimum fields:

The first lab turns one trustworthy policy excerpt into such a record.

The routing decision belongs before indexing:

The example stores the full SHA-256 checksum and abbreviates it only when printing. This diagram doesn't promise that one heuristic proves faithfulness. It names the decision your system must make observable. OCR produces another candidate extraction, not an automatic pass.

PDFs: visible pages aren't semantic text

A PDF describes how content appears on a page. It doesn't reliably label paragraphs, tables, headers, or reading order. A digitally produced PDF can expose text, while a scanned page may expose little or no extractable text. The pypdf documentation therefore supports native extraction, including a layout mode, and recommends OCR for image-only pages.^[1]

A real adapter can begin with native extraction:

Native extraction is a candidate result, not an automatic pass.

Repeated headers and footers are another quiet failure. A footer that appears on every page can become a high-frequency retrieval result.

Page-number patterns need their own rule because the values differ per page. Keep cleanup explicit and test it against representative documents.

OCR: uncertainty is part of the record

Optical character recognition reads pixels, not an embedded text layer. Tesseract's documentation calls out image scaling, thresholding, noise, skew, borders, page segmentation, and table layout as factors that can reduce output quality.^[2]

Use OCR when native extraction is absent or suspect. Store that decision.

Policy numbers deserve stricter checking than plain extracted text. If OCR reads 15 as 1S, the correct behavior is review, not a confident guess.

For production documents, critical-value checks come from product policy requirements: deadlines, amounts, eligibility words, and exceptions. They complement OCR, rather than pretending OCR is always right.

HTML: keep the answer, remove the page shell

HTML exposes meaningful structure, but a downloaded page also contains navigation, support widgets, consent text, scripts, and footers. Beautiful Soup supports removing unwanted tags with decompose() and collecting visible text with get_text().^[3]

This adapter rejects a page without <main> instead of falling back to the whole page shell. A production adapter can use site-specific selectors, but a missing trusted content region should be visible for review.

Web content may also carry text designed to redirect an AI system, such as instructions hidden in a retrieved page. OWASP treats external content containing such instructions as indirect prompt injection risk.^[4] Ingestion should label suspicious content for later controls instead of presenting it as policy evidence.

This detector is intentionally small. It demonstrates metadata flow, not a complete security policy.

Markdown: preserve the structure you already have

Markdown documentation is often the cleanest input type. Headings identify sections, lists preserve requirements, and fenced code blocks contain exact commands. Flattening all of that into one paragraph discards retrieval clues.

The record should retain a heading locator, for example heading=Rollback failure, along with its Markdown text. Later chunking can then keep the heading attached to the requirement it names.

Normalize four parser paths into one record stream

Adapters can be format-specific while the downstream contract stays uniform. Normalization must remain format-aware: collapsing whitespace is useful for extracted text, but doing that to Markdown would erase heading and fence boundaries.

The PDF, reviewed OCR, and HTML samples converge to identical text and checksums while keeping separate locators. Markdown keeps its line structure and fence markers. Checksums identify matching normalized content; they don't erase provenance.

A re-ingestion release should detect membership changes as well as text changes. An added or missing locator can change retrieval coverage even when every surviving checksum matches.

Gate what enters retrieval

An embedding index should accept evidence only after quality status is decided. That prevents empty pages, suspect OCR values, and quarantined HTML instructions from competing with trustworthy policy text.

Use a small fixture set before each re-ingestion release. It should contain the document shapes that previously failed.

Production checklist

What you built

You didn't build a generic "upload file" button. You built a controlled boundary between messy documents and retrieval:

1. Each format gets an appropriate parser path.
2. Weak native extraction branches to OCR or review.
3. Cleanup removes noise without discarding useful structure.
4. Normalized records preserve locator, parser, quality, and checksum.
5. Only evidence that passes the gate enters retrieval.

Mastery check

Key concepts

• Evidence-first document ingestion
• PDF extraction and OCR routing
• HTML boilerplate and untrusted content
• Markdown structure preservation
• Provenance, checksums, and quality checks

Evaluation rubric

• Foundational: Chooses a sensible parser path for PDF, scanned image, HTML, or Markdown
• Foundational: Stores source and locator fields before creating chunks
• Intermediate: Routes weak extraction and suspect OCR output away from indexing
• Intermediate: Removes HTML boilerplate while retaining policy content
• Intermediate: Preserves Markdown heading and fenced-code structure
• Advanced: Explains an incorrect retrieved answer through parser evidence, checksum changes, and quality status

Follow-up questions

Common pitfalls

• Indexing before inspection: An empty or interleaved PDF page enters retrieval. Fix: gate native extraction and route suspect pages to OCR or review.
• Trusting policy numbers from OCR: 15 becomes 1S and the answer invents a deadline. Fix: validate critical values and block uncertain records.
• Embedding web page shell: Navigation and footer text swamp policy content. Fix: extract main content and quarantine instruction-like text.
• Dropping structure and provenance: A retrieved sentence can't be located or updated. Fix: retain heading, locator, parser, quality, and checksum through chunking.